Top Secret/SCI
IT - Security
Huntsville, AL (On-Site/Office)
Tyto Athene is hiring a Cybersecurity Analyst SME to support a 24/7/365 Enterprise Security Operations Center (ESOC). The mission of the ESOC is to defend the customer against cyber threats through proactive engagement, vigilant monitoring, and prompt response. You will play a critical role in conducting in-depth analysis of potential cyber threats and responding to the incidents they produce.
Responsibilities:
* Conduct continuous monitoring of security alerts and events from various sources, such as security tools, logs, and sensors.
* Analyze the data to identify potential security incidents or anomalies.
* Detect and identify security incidents and breaches in real time or near real time.
* Utilize security information and event management (SIEM) systems to correlate data and detect patterns indicative of malicious activity.
* Prioritize and triage security alerts based on their severity and potential impact.
* Determine whether an alert requires immediate attention and response.
* Initiate incident response procedures for confirmed security incidents.
* Coordinate and collaborate with incident response teams to contain, eradicate, and recover from security breaches.
* Conduct digital forensics investigations and malware analysis, taking a lead role in investigations of complex security incidents.
* Maintain communication with relevant stakeholders, including IT teams, management, and external parties.
* Collaborate with different teams to share information and coordinate response efforts.
* Leverage threat intelligence to proactively defend against potential attacks.
* Generate reports on security incidents, including their nature, scope, and impact and disseminate upon approval for release.
* Maintain a robust understanding of current and emerging cybersecurity threats, vulnerabilities, and trends, leveraging this knowledge to inform proactive defense strategies.
* Utilize various threat intelligence sources to integrate and operationalize threat intelligence within security operations.
* Maintain a strong understanding of security awareness training techniques, effectively educating staff on best practices and threat awareness.
* Exemplify a commitment to ethical conduct and to maintaining the confidentiality, integrity, and availability of organizational data.
* Apply principles of risk management and vulnerability assessment to identify and mitigate potential security risks effectively.
* Mentor and train SOC analysts.
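The monitoring, correlation, and triage duties listed above describe logic a SOC analyst encodes in SIEM searches every day. As an added illustration (it is not part of this posting and not Tyto Athene's or the customer's code), the Python below correlates a constructed set of Windows logon events into findings and scores them by severity and asset criticality so the queue is worked highest-impact first. The event codes are the standard Windows Security log values; the sample events, failure threshold, time window, asset tiers, and paging cutoff are assumptions chosen for the example.

```python
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta

# Constructed sample telemetry (not real customer data): normalized Windows
# Security log fields as a SIEM would carry them. 4625 = failed logon,
# 4624 = successful logon.
SAMPLE_EVENTS = [
    {"time": "2024-05-01T02:00:01", "src_ip": "10.0.0.7",  "user": "svc-backup", "host": "DC01",   "event_code": 4625},
    {"time": "2024-05-01T02:00:04", "src_ip": "10.0.0.7",  "user": "svc-backup", "host": "DC01",   "event_code": 4625},
    {"time": "2024-05-01T02:00:09", "src_ip": "10.0.0.7",  "user": "svc-backup", "host": "DC01",   "event_code": 4625},
    {"time": "2024-05-01T02:00:15", "src_ip": "10.0.0.7",  "user": "svc-backup", "host": "DC01",   "event_code": 4625},
    {"time": "2024-05-01T02:00:22", "src_ip": "10.0.0.7",  "user": "svc-backup", "host": "DC01",   "event_code": 4625},
    {"time": "2024-05-01T02:00:31", "src_ip": "10.0.0.7",  "user": "svc-backup", "host": "DC01",   "event_code": 4624},
    {"time": "2024-05-01T03:15:00", "src_ip": "10.0.0.22", "user": "jdoe",       "host": "WS-114", "event_code": 4625},
    {"time": "2024-05-01T03:15:40", "src_ip": "10.0.0.22", "user": "jdoe",       "host": "WS-114", "event_code": 4624},
    {"time": "2024-05-01T04:00:00", "src_ip": "10.0.0.9",  "user": "mlee",       "host": "WS-201", "event_code": 4624},
]

# Assumed asset tiers (hypothetical): a domain controller outranks a workstation.
ASSET_CRITICALITY = {"DC01": 3, "WS-114": 1, "WS-201": 1}
SEVERITY_WEIGHT = {"high": 3, "medium": 2, "low": 1}
FAIL_THRESHOLD = 5            # failures that make a burst suspicious (assumed)
WINDOW = timedelta(minutes=5)  # correlation window (assumed)
IMMEDIATE_PRIORITY = 6         # at or above this, page the on-shift analyst (assumed)


@dataclass
class Alert:
    rule: str
    src_ip: str
    user: str
    host: str
    severity: str
    priority: int
    immediate: bool


def correlate(events):
    """Group logon events per (src_ip, user) in time order and flag a burst of
    failures followed by a success inside WINDOW: the brute-force-then-success
    pattern a SIEM correlation search looks for."""
    by_key = defaultdict(list)
    for e in sorted(events, key=lambda e: e["time"]):
        by_key[(e["src_ip"], e["user"])].append(
            (datetime.fromisoformat(e["time"]), e["event_code"], e["host"]))
    findings = []
    for (src_ip, user), evs in by_key.items():
        failures = []  # timestamps of 4625s still inside the rolling window
        for ts, code, host in evs:
            if code == 4625:
                failures = [t for t in failures if ts - t <= WINDOW] + [ts]
            elif code == 4624:
                recent = [t for t in failures if ts - t <= WINDOW]
                if len(recent) >= FAIL_THRESHOLD:
                    findings.append(("brute_force_then_success", src_ip, user, host, "high"))
                elif recent:
                    findings.append(("failed_then_success", src_ip, user, host, "low"))
                failures = []  # a success closes the burst
    return findings


def triage(findings):
    """Score each finding by severity and asset criticality, then order the
    queue so the analyst works the highest-impact alert first."""
    alerts = []
    for rule, src_ip, user, host, severity in findings:
        priority = SEVERITY_WEIGHT[severity] * ASSET_CRITICALITY.get(host, 1)
        alerts.append(Alert(rule, src_ip, user, host, severity, priority,
                            priority >= IMMEDIATE_PRIORITY))
    return sorted(alerts, key=lambda a: a.priority, reverse=True)


def run(events=SAMPLE_EVENTS):
    return triage(correlate(events))


if __name__ == "__main__":
    for a in run():
        print(f"[{a.severity:>4}] p={a.priority} immediate={a.immediate} "
              f"{a.rule} {a.user}@{a.host} from {a.src_ip}")
```

On the constructed input, the five failures against the domain controller followed by a success score 9 and are flagged for immediate response, while the single mistyped password on a workstation scores 1 and stays low in the queue; the lone successful logon produces no finding at all. The same grouping-by-entity and windowed-count logic is what a Splunk SPL search expresses with `transaction` or `streamstats` over the same fields.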
Required:
* Bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related field; a Master's degree in Cybersecurity, Information Security, or a related field is beneficial and may enhance your qualifications.
* A minimum of eight (8) years of overall experience with six (6) or more in the cybersecurity field including Enterprise Security Operations Center (ESOC) watch teams, network monitoring, incident response, digital forensics, malware analysis, etc.
* Must possess at least one (1) of the following certifications: GMON, GCIH, GCFA, GCIA, GNFA, GCTD, or GCFR.
* Demonstrated expertise in leveraging Splunk for threat detection, incident investigation, and security event correlation, including the development of custom queries (SPL), dashboards, and alerts to support advanced cyber threat analysis.
* In-depth knowledge of cybersecurity principles, practices, and frameworks, including incident response frameworks, Executive Orders and national cybersecurity strategies, CIS Controls, ISO/IEC 27001, the NIST Cybersecurity Framework, and the Federal Information Security Management Act (FISMA), to guide SOC operations.
* Familiarity with various security technologies, including firewalls, IDS/IPS, endpoint protection, security information and event management (SIEM) tools, and advanced threat detection tools.
* Expert knowledge of network protocols, operating systems, and application security to effectively analyze and respond to emerging threats.
* Expertise in established cyber threat intelligence frameworks, such as MITRE ATT&CK, to inform security strategies and enhance threat analysis.
* Advanced analytical and problem-solving skills to assess complex security incidents and identify root causes, ensuring effective resolution.
* Ability to create and maintain comprehensive incident response procedures, playbooks, and detailed reports on security incidents.
* Excellent communication skills to convey complex technical information clearly to diverse stakeholders, including management and non-technical teams.
* Demonstrated ability to lead and collaborate effectively with cross-functional teams, including IT, compliance, legal, and external partners, to enhance overall security posture.
* Ability to analyze and interpret security metrics to assess and improve the effectiveness of security controls and operations.
* Capability to evaluate and recommend new security technologies and tools to enhance the SOC's capabilities and overall security posture.
Desired:
* Experience with Microsoft Sentinel
* Experience with scripting or programming languages (e.g., PowerShell, Python)
Clearance:
* Active Top Secret with SCI eligibility
Location: Huntsville, AL (on-site)
Compensation:
* Compensation is unique to each candidate and relative to the skills and experience they bring to the position. This does not guarantee a specific salary as compensation is based upon multiple factors such as education, experience, certifications, and other requirements, and may fall outside of the above-stated range.
Benefits:
* Highlights of our benefits include Health/Dental/Vision, 401(k) match, Flexible Time Off, STD/LTD/Life Insurance, Referral Bonuses, professional development reimbursement, and maternity/paternity leave
Tyto Athene is a trusted leader in IT services and solutions, delivering mission-focused digital transformation that drives measurable success. Our expertise spans four core technology domains (Network Modernization, Hybrid Cloud, Cybersecurity, and Enterprise IT), empowering our clients with cutting-edge solutions tailored to their evolving needs. With over 50 years of experience, Tyto Athene proudly supports Defense, Intelligence, Space, National Security, Civilian, Health, and Public Safety clients across the United States and worldwide.
At Tyto Athene, we believe that success starts with our people. We foster a collaborative, innovative, and mission-driven environment where every team member plays a critical role in shaping the future of technology. Are you ready to join #TeamTyto?
Tyto Athene, LLC is an Equal Opportunity Employer; all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any characteristic protected by applicable law.
Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled